[Git][security-tracker-team/security-tracker][master] bookworm triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Apr 10 17:17:22 BST 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b7f29b3f by Moritz Muehlenhoff at 2023-04-10T18:16:57+02:00
bookworm triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11040,9 +11040,17 @@ CVE-2023-26486 (Vega is a visualization grammar, a declarative format for creati
 	NOT-FOR-US: Vega
 CVE-2023-26485 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
 	- cmark-gfm <unfixed>
+	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
+	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	- python-cmarkgfm <unfixed>
+	[bookworm] - python-cmarkgfm <no-dsa> (Minor issue)
+	[bullseye] - python-cmarkgfm <no-dsa> (Minor issue)
 	- r-cran-commonmark <unfixed>
+	[bookworm] - r-cran-commonmark <no-dsa> (Minor issue)
+	[bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
 	- ruby-commonmarker <unfixed>
+	[bookworm] - ruby-commonmarker <no-dsa> (Minor issue)
+	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-r8vr-c48j-fcc5
 	NOTE: https://github.com/github/cmark-gfm/commit/07a66c9bc341f902878e37d7da8647d6ef150987
 CVE-2023-26484 (KubeVirt is a virtual machine management add-on for Kubernetes. In ver ...)
@@ -15894,9 +15902,17 @@ CVE-2023-24825
 	RESERVED
 CVE-2023-24824 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
 	- cmark-gfm <unfixed>
+	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
+	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	- python-cmarkgfm <unfixed>
+	[bookworm] - python-cmarkgfm <no-dsa> (Minor issue)
+	[bullseye] - python-cmarkgfm <no-dsa> (Minor issue)
 	- r-cran-commonmark <unfixed>
+	[bookworm] - r-cran-commonmark <no-dsa> (Minor issue)
+	[bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
 	- ruby-commonmarker <unfixed>
+	[bookworm] - ruby-commonmarker <no-dsa> (Minor issue)
+	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-66g8-4hjf-77xh
 	NOTE: https://github.com/github/cmark-gfm/commit/2300c1bd2c8226108885bf019655c4159cf26b59
 CVE-2023-24823
@@ -15935,6 +15951,7 @@ CVE-2023-24810 (Misskey is an open source, decentralized social media platform.
 	NOT-FOR-US: Misskey
 CVE-2023-24809 (NetHack is a single player dungeon exploration game. Starting with ver ...)
 	- nethack <unfixed> (bug #1031869)
+	[bookworm] - nethack <no-dsa> (Minor issue)
 	[bullseye] - nethack <no-dsa> (Minor issue)
 	[buster] - nethack <no-dsa> (Minor issue)
 	NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-2cqv-5w4v-mgch
@@ -23436,28 +23453,60 @@ CVE-2023-22487 (Flarum is a forum software for building communities. Using the m
 	NOT-FOR-US: Flarum
 CVE-2023-22486 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
 	- cmark-gfm <unfixed> (bug #1033110)
+	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
+	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	- python-cmarkgfm <unfixed> (bug #1033111)
+	[bookworm] - python-cmarkgfm <no-dsa> (Minor issue)
+	[bullseye] - python-cmarkgfm <no-dsa> (Minor issue)
 	- r-cran-commonmark <unfixed> (bug #1033112)
+	[bookworm] - r-cran-commonmark <no-dsa> (Minor issue)
+	[bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
 	- ruby-commonmarker <unfixed> (bug #1033113)
+	[bookworm] - ruby-commonmarker <no-dsa> (Minor issue)
+	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-r572-jvj2-3m8p
 	NOTE: https://github.com/github/cmark-gfm/commit/ece074cc3378f7a8dec0395f00123e9fa6981f7b (0.29.0.gfm.7)
 CVE-2023-22485 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
 	- cmark-gfm <unfixed> (bug #1033110)
+	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
+	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	- python-cmarkgfm <unfixed> (bug #1033111)
+	[bookworm] - python-cmarkgfm <no-dsa> (Minor issue)
+	[bullseye] - python-cmarkgfm <no-dsa> (Minor issue)
 	- r-cran-commonmark <unfixed> (bug #1033112)
+	[bookworm] - r-cran-commonmark <no-dsa> (Minor issue)
+	[bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
 	- ruby-commonmarker <unfixed> (bug #1033113)
+	[bookworm] - ruby-commonmarker <no-dsa> (Minor issue)
+	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr
 CVE-2023-22484 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
 	- cmark-gfm <unfixed> (bug #1033110)
+	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
+	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	- python-cmarkgfm <unfixed> (bug #1033111)
+	[bookworm] - python-cmarkgfm <no-dsa> (Minor issue)
+	[bullseye] - python-cmarkgfm <no-dsa> (Minor issue)
 	- r-cran-commonmark <unfixed> (bug #1033112)
+	[bookworm] - r-cran-commonmark <no-dsa> (Minor issue)
+	[bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
 	- ruby-commonmarker <unfixed> (bug #1033113)
+	[bookworm] - ruby-commonmarker <no-dsa> (Minor issue)
+	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r
 CVE-2023-22483 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...)
 	- cmark-gfm <unfixed> (bug #1033110)
+	[bookworm] - cmark-gfm <no-dsa> (Minor issue)
+	[bullseye] - cmark-gfm <no-dsa> (Minor issue)
 	- python-cmarkgfm <unfixed> (bug #1033111)
+	[bookworm] - python-cmarkgfm <no-dsa> (Minor issue)
+	[bullseye] - python-cmarkgfm <no-dsa> (Minor issue)
 	- r-cran-commonmark <unfixed> (bug #1033112)
+	[bookworm] - r-cran-commonmark <no-dsa> (Minor issue)
+	[bullseye] - r-cran-commonmark <no-dsa> (Minor issue)
 	- ruby-commonmarker <unfixed> (bug #1033113)
+	[bookworm] - ruby-commonmarker <no-dsa> (Minor issue)
+	[bullseye] - ruby-commonmarker <no-dsa> (Minor issue)
 	NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c
 CVE-2023-22482 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
 	NOT-FOR-US: Argo CD



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7f29b3f8a9a4f331cc9aab4ca56268d86484ab1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7f29b3f8a9a4f331cc9aab4ca56268d86484ab1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230410/b31e989c/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list